Elgg  Version 4.x
Public Member Functions | Public Attributes | Protected Member Functions | Protected Attributes | List of all members
Elgg\PersistentLoginService Class Reference

More...

Public Member Functions

 __construct (UsersRememberMeCookiesTable $cookie_table,\ElggSession $session,\Elgg\Security\Crypto $crypto, array $cookie_config, $cookie_token)
 Constructor. More...
 
 makeLoginPersistent (\ElggUser $user)
 Make the user's login persistent. More...
 
 removePersistentLogin ()
 Remove the persisted login token from client and server. More...
 
 handlePasswordChange (\ElggUser $subject,\ElggUser $modifier=null)
 Handle a password change. More...
 
 bootSession ()
 Boot the persistent login session, possibly returning the user who should be silently logged in. More...
 
 getUserFromToken (string $token)
 Get a user from a persistent cookie token. More...
 
 getUserFromHash (string $hash)
 Find a user with the given hash. More...
 
 updateTokenUsage (\ElggUser $user)
 Update the timestamp linked to a persistent cookie code, this indicates that the code was used recently. More...
 
 removeExpiredTokens ($time)
 Remove all persistent codes from the database which have expired based on the cookie config. More...
 

Public Attributes

 $_callable_elgg_set_cookie = 'elgg_set_cookie'
 

Protected Member Functions

 hashToken (string $token)
 Create a hash from the token. More...
 
 setCookie (string $token)
 Store the token in the client cookie (or remove the cookie) More...
 
 setSessionToken (string $token)
 Store the token in the session (or remove it from the session) More...
 
 generateToken ()
 Generate a random token (base 64 URL) More...
 

Protected Attributes

 $cookie_config
 
 $cookie_token
 
 $session
 
 $crypto
 
 $persistent_cookie_table
 

Detailed Description

If a user selects a persistent login, a long, random token is generated and stored in the cookie called "elggperm", and a hash of the token is stored in the DB. If the user's PHP session expires, the session boot sequence will try to log the user in via the token in the cookie.

Definition at line 17 of file PersistentLoginService.php.

Constructor & Destructor Documentation

Elgg\PersistentLoginService::__construct ( UsersRememberMeCookiesTable  $cookie_table,
\ElggSession  $session,
\Elgg\Security\Crypto  $crypto,
array  $cookie_config,
  $cookie_token 
)

Constructor.

Parameters
UsersRememberMeCookiesTable$cookie_tableThe persistent cookie storage table
\ElggSession$sessionThe Elgg session
\Elgg\Security\Crypto$cryptoThe cryptography service
array$cookie_configThe persistent login cookie settings
string$cookie_tokenThe token from the request cookie

Definition at line 61 of file PersistentLoginService.php.

Member Function Documentation

Elgg\PersistentLoginService::bootSession ( )

Boot the persistent login session, possibly returning the user who should be silently logged in.

Returns
|null

Definition at line 128 of file PersistentLoginService.php.

Elgg\PersistentLoginService::generateToken ( )
protected

Generate a random token (base 64 URL)

The first char is always "z" to indicate the value has more entropy than the previously generated ones.

Returns
string

Definition at line 283 of file PersistentLoginService.php.

Elgg\PersistentLoginService::getUserFromHash ( string  $hash)

Find a user with the given hash.

Parameters
string$hashThe hashed token
Returns
|null

Definition at line 169 of file PersistentLoginService.php.

Elgg\PersistentLoginService::getUserFromToken ( string  $token)

Get a user from a persistent cookie token.

Parameters
string$tokenthe cookie token
Returns
|null

Definition at line 152 of file PersistentLoginService.php.

Elgg\PersistentLoginService::handlePasswordChange ( \ElggUser  $subject,
\ElggUser  $modifier = null 
)

Handle a password change.

Parameters
\ElggUser$subjectThe user whose password changed
\ElggUser$modifierThe user who changed the password
Returns
void

Definition at line 113 of file PersistentLoginService.php.

Elgg\PersistentLoginService::hashToken ( string  $token)
protected

Create a hash from the token.

Parameters
string$tokenThe token to hash
Returns
string

Definition at line 233 of file PersistentLoginService.php.

Elgg\PersistentLoginService::makeLoginPersistent ( \ElggUser  $user)

Make the user's login persistent.

Parameters
\ElggUser$userThe user who logged in
Returns
void

Definition at line 81 of file PersistentLoginService.php.

Elgg\PersistentLoginService::removeExpiredTokens (   $time)

Remove all persistent codes from the database which have expired based on the cookie config.

Parameters
int | \DateTime | string$timethe base timestamp to use
Returns
bool

Definition at line 212 of file PersistentLoginService.php.

Elgg\PersistentLoginService::removePersistentLogin ( )

Remove the persisted login token from client and server.

Returns
void

Definition at line 95 of file PersistentLoginService.php.

Elgg\PersistentLoginService::setCookie ( string  $token)
protected

Store the token in the client cookie (or remove the cookie)

Parameters
string$tokenEmpty string to remove cookie
Returns
void

Definition at line 246 of file PersistentLoginService.php.

Elgg\PersistentLoginService::setSessionToken ( string  $token)
protected

Store the token in the session (or remove it from the session)

Parameters
string$tokenThe token to store in session. Empty string to remove.
Returns
void

Definition at line 267 of file PersistentLoginService.php.

Elgg\PersistentLoginService::updateTokenUsage ( \ElggUser  $user)

Update the timestamp linked to a persistent cookie code, this indicates that the code was used recently.

Parameters
\ElggUser$userthe user to update the cookie code for
Returns
bool|null

Definition at line 190 of file PersistentLoginService.php.

Member Data Documentation

Elgg\PersistentLoginService::$_callable_elgg_set_cookie = 'elgg_set_cookie'

Definition at line 50 of file PersistentLoginService.php.

Elgg\PersistentLoginService::$cookie_config
protected

Definition at line 24 of file PersistentLoginService.php.

Elgg\PersistentLoginService::$cookie_token
protected

Definition at line 29 of file PersistentLoginService.php.

Elgg\PersistentLoginService::$crypto
protected

Definition at line 39 of file PersistentLoginService.php.

Elgg\PersistentLoginService::$persistent_cookie_table
protected

Definition at line 44 of file PersistentLoginService.php.

Elgg\PersistentLoginService::$session
protected

Definition at line 34 of file PersistentLoginService.php.


The documentation for this class was generated from the following file: